3. Agenda
• Introduction
• Infrastructure Security Challenges and the
Business Impact
• Introducing Microsoft System Center
• Lieberman Enterprise Random Password
Manager™ for System Center
• Lumension Device Control for System
Center™
• Summary and Next Steps
4. Infrastructure Security Challenges
Increased Access Increased Security
Always on, always Advanced, multi-level attacks
connected Hacks motivated by criminal
Demands for increased profit
access to information Phishing and social
Communicate with engineering hacks wrapped in
partners, employees, outs technology
ourcers, and customers Need to secure new types of
Regulatory requirements devices and storage
for transparency Need to enforce and audit
compliance
Managing the tension between accessibility and security
5. Business Impact
What Can Our Integrated Security Solution Do For Your Business?
Keep Your IT Up and Running Protect Your Data
Keep company data private and
Manage systems, data and devices
secure by preventing common
across the organization.
breaches.
Save time through increased system Control and audit access to
performance while enabling privileged systems, devices and
collaboration across boundaries. applications.
Reduce security risks by storing data Be confident that sensitive
centrally on your company network. information is treated with integrity.
Improve data protection with
Store and back up data to eliminate
consistent tools and processes to
worry about data loss.
protect vital assets.
6. Introducing Microsoft System Center
Martin Buckley, Strategic Alliances – System Center -
Management & Services Division
7. Industry Trends
Macro Trends Current Indicators
Virtualization Acceleration • #1 CIO priority in 2008 (up from #17)
Compliance • CIOs expect 10% of IT budget to be dedicated to compliance
IT Service Management • IT orgs can currently only correlate 30% of IT alerts to business problems
Anywhere Access
• Converged mobile phones (Smartphones) growing
two times faster than mobile PCs
22% New
Software as a Service • >1/3 of TDMs interested in using SaaS to support
customer-facing business processes
78% Maintenance
Data Center Build Outs • 74% of enterprises mandate all servers
must reside in the data center
Implication • 78% of IT budgets spent on maintenance activities, trends increase pressure
8. System Center Solutions: People, Process, & Technology
Management Packs Connectors for Interoperability
Knowledge
Solution Accelerators Microsoft Operations Framework
(MOF/ITIL)
Partner Ecosystem
Microsoft Consulting Services
Data Center
Management
Solutions
Products
Desktop & Device
Management
Infrastructure
Windows Platform
Virtualization Technology
Open Standards
Mid-Market
9. Virtualization
Managing a virtualized infrastructure with a common management platform
Profile
Virtualization
Document redirection
Offline files
Presentation Server
Virtualization Virtualization
Desktop Application
Virtualization Virtualization
10. Data Center Management Solutions
Configuration End to End Server Data Protection
Management Monitoring Compliance and Recovery
Business Continuity
Automated Proactive Platform Configuration
Through
Provisioning Monitoring Controls and
Virtualization
and Updating Application & Reporting
Mgmt
of Physical Service Level Centralized
and Virtual Backup
Monitoring Security Auditing
Environments and Recovery of
Interoperable Comprehensive Physical and Virtual
Server and Extensible Security & Identity Resources
Consolidation Platform and Access Mgmt
Through Disaster Recovery
Virtualization
11. Configuration Management
Automated provisioning and server consolidation through virtualization
• Power, space and maintenance costs
Challenges forcing more efficient use of resources
Addressed • Dispersed servers and applications difficult
to manage and update
• Manage virtual machines to consolidate
physical servers
Key • Provision operating
Capabilities systems, applications, and patches in the
data center
―We understood that if we consolidated servers we would reduce
energy consumption. [System Center is a] one-stop, single-point
approach to managing hundreds of Virtual Server–based virtual
machines and all the hosts, while also easily performing physical-
to-virtual migrations.‖
- Jason Foster, Systems Architect Sr. Manager of Technology, Continental
12. End to End Monitoring
Proactive platform, application and service-level monitoring
• IT services, applications and
Challenges servers must run smoothly
ERP Application
Addressed • Increasing pressure for service
levels that ensure optimal
uptime and responsiveness
• Proactively monitor Databases Servers Web Servers
availability, performance and
configuration across
heterogeneous platforms
Key
Capabilities • Perform deep application and Order Tracker DB DN-App1 OTW-IIS-01 OTW-IIS-02
service-level monitoring
―I can provide our system administrators with more in-depth monitoring and
more explicit alerting. We can configure server reports to show downtime
warnings, downtime events, and the start time and end time of every
occurrence. We can also quickly learn why a server experienced
downtime—whether it was a power outage, a hardware or software
malfunction, or a server maintenance issue.‖
Paul Johnson, Windows Monitoring Architect & Systems Engineer, Gates Corp
13. Server Compliance
Configuration controls and centralized audit of system security
• Increasing compliance and audit requirements
Challenges associated with business policies and regulatory
requirements
Addressed
• Security pressures in the data center
• Create, maintain and report on configuration
controls for the data center environment
Key • Gather and report security related events
Capabilities • Manage identities and access and improve
security in the data center
―SAS 70 is a huge initiative for us with regard to our data centers and all of
our applications, and SOX is obviously important as well. With [System
Center] my team has reduced the amount of time that we spend collecting
security log information. For example, we just completed an investigation
and pulled the security report in less than 5 minutes. In the past it would
have taken days.‖
Jeff Skelton, Manager, Enterprise Management Center, Stewart
14. Data Protection and Recovery
Backup & restore and business continuity through virtualization mgmt
Backup and Restore
• High availability and business continuity needed
Challenges to meet service levels and optimal uptime
Addressed
• Simple disaster recovery and backup &
restoration of data and information
• Dynamically replicate and move virtual
machines and applications to distribute
workloads in the event of an outage
Key • Recover and restore the physical and
Capabilities virtual environments in the data center
through continuous data protection Data Center A
Data Center B
“We really liked the looks of [System Center] for three key reasons, its disk-
to-disk-to-tape design, the fact that we could eliminate full backups
altogether and simply take snapshots, and its disaster recovery features.‖
Ed Olson, Lead Windows Infrastructure Engineer, AutoNation
15. Desktop Management Solutions
Streamlined Application Optimized Client Health Ease User Access Without
and Desktop Delivery and Performance Compromise
Adaptive Application Client Infrastructure End-Point Security
Delivery Monitoring Management
Managed client Client health monitoring Enforced compliance with
application delivery via and proactive issue system health policy
traditional and virtual identification definitions via remediation
methods
Simplified Windows Remote PC Diagnostics & Configuration
Vista Deployment Repair Compliance
Automated OS Zero-touch remote Assess systems
deployment via image diagnosis and remediation compliance against
standardization with Intel® vProTM established configuration
baselines
16. Adaptive Application Delivery
Managed client application delivery via traditional and virtual methods
• Application compatibility and run time conflicts
complicate deployments and regression testing Data, User
Challenges settings
Addressed • New delivery models make asset inventory and
reporting difficult Application Application
• Natively deploy virtual applications to reduce or
eliminate runtime conflicts
OS
Key • Separate user state from computer
hardware, OS, application data and user
Capabilities settings for anywhere access
Hardware
• Centrally manage traditional, virtual and
streamed applications from a single console
“We have significantly accelerated the testing of new programs by using
virtualization. There are no more installs, and virtualized programs have no effect on
the operating system or other applications.”
- Frank Walburg, Department Manager of Desktop Software Services, BASF IT Services
17. Simplified Windows Vista/7 Deployment
Automated OS deployment via image standardization
• Multiple hardware, OS and application
configurations cause costly deployments
Challenges
Addressed • Offline and low bandwidth environments
make automated deployment methods
less effective
• Streamline Windows Vista deployment
planning thru hardware assessment and
application compatibility testing
Key • Standardize on a single hardware
Capabilities independent image to reduce OS
deployment complexity
• Deployment support for highly
distributed environments
“Deploying a new infrastructure and installing operating systems, applications, and
drivers on thousands of computers across 50 locations and several countries, all
within a year, is a massive task…we’re succeeding—and Configuration Manager is
an essential part of our success.”
-- Poul Westmose, Chief Technology Officer, DONG Energy
18. Client Infrastructure Monitoring
Client health monitoring and proactive issue identification
• Majority of hardware, application and OS
crashes unreported until large number of
Challenges end users impacted
Addressed
• Configuration and user setting changes
impact performance and security standards
• Proactively monitor and identify OS, application
and hardware issues to minimize support costs
and impact to end-user productivity
Key • Report on configuration compliance and
Capabilities collective system health to identify trends
• Improve reliability and security by reducing
configuration drift
“We catch problems before our users see them. That’s a significant way to
contribute to our mission.”
- Xavier Coppin, Systems Engineer, Skyguide.
19. Remote PC Diagnostics and Repair
Zero-touch remote diagnosis and remediation with Intel® vProTM
• Troubleshooting and repairing PCs is mostly a
Challenges manual and costly effort
Addressed • PCs that are powered off or that won‟t boot
cannot be diagnosed or repaired
• Accelerate problem resolution time with
diagnostic, configuration and performance
monitoring tools
Key • Reduce onsite service calls with zero touch
Capabilities remote management, including PCs that
won‟t boot or are powered off
“Having the ability to wake devices up and run updates via a standard
technology…will only enhance the security posture that the VA has been working to
meet”
- Charles de Sanno, Executive Director of Enterprise Technology and IT Engineering, Veterans
Affairs Department
20. End-Point Security Management
Enforced compliance with system health policy definitions via remediation
• Mobile and distributed users present Policy Servers
e.g.., Patch, AV
Challenges unique network security and
compliance challenges Microsoft
Addressed NPS 3
• Must identify vulnerabilities, enforce
policies and remediate threats Not policy
compliant 5
Remediation
• Provide secure access across your 2
Restricted
Network
Servers
e.g.,Patch
remote, LAN and wireless connections Policy
compliant
Key • Automatically assess vulnerabilities
4
and security compliance DHCP, VPN
Capabilities Switch/Router
Corporate Network
• Enable automatic enforcement and
remediation of security parameters to
ensure ongoing compliance
“We envision an IT environment that’s easy to maintain, with computers that
automatically download updates and other required software every time they boot
up, from the first day they’re on the network”
- Noah Johnson, Senior Systems Engineer, Freightliner
21. Configuration Compliance
Assess systems compliance against established configuration baselines
• Misconfigured desktops represent
compliance and security risks
Challenges
Addressed • Desktop configuration drift (settings
changes, account permissions, etc.) from
multiple administrators changing policies
• Create, maintain and report on
configuration controls for your
desktop environments
Key • Automate process for desired
Capabilities configuration management
• Utilize best practices built directly
into the solution
“We’ll have our first-ever 100 percent compliance and lock-down, which translates
into greater reliability and availability, better helpdesk operations, and faster and
smoother updates and deployments, because we’ll be building on up-to-date, same-
state servers, workstations, and devices.”
- Richard Page, IT Project Manager, Shoprite
22. Core Infrastructure Optimization
Basic Standardized Rationalized Dynamic
Uncoordinated, manual Managed IT Managed and Fully automated
infrastructure infrastructure with consolidated IT management,
limited automation infrastructure with dynamic resource
maximum automation usage, business
linked SLA‟s
Dynamic IT
Cost Center More Efficient Business Enabler Strategic Asset
Cost Center
Manage Complexity and Achieve Agility
23. Managing Complexity
Customer success stories
Basic Standardized Rationalized Dynamic
Simplified Vista Server Consolidation
Data Protection and Deployment
Recovery Danish
Saved $500K in Reduced server costs
Foreign by $2M per year
Reduced back-up deployment costs
Ministry
times by 50%
Configuration Management Configuration Management Client Infrastructure
Monitoring
Cut helpdesk
MEGA PHARMA costs by 35%
Cut update time by 90% Cut deployment time by 73%
Dynamic IT
24. Dynamic IT Management
• Use knowledge- • Improve visibility and
based, automated in-line control through
tasks to deliver integrated management
rapid, high quality
service • Manage multi-hypervisor
technologies and
• Maximize the use of the monitor cross-platform
IT department’s existing environments
Windows Server
expertise
• Out of the box, build on • Reduce complexity
deep domain knowledge through seamless
from both Microsoft and management of logical IT
our strong partner environments
community
• Manage your virtual
• Implement templated environments down to the
best practices through application level
Solution Accelerators
26. Who We Are: Lieberman Software
• Privileged Identity Management Software for
Windows and the Cross-Platform Enterprise
• HQ in Los Angeles with marketing and
support office in Austin
• Privately Owned, Profitable, 100% USA-based
• Followed by Gartner, Forrester, 451 Group,
Kuppinger-Cole (EMEA)
• Technical partnerships include: Microsoft,
Oracle, HP, IBM, EMC/RSA, Novell, Red Hat, 1900 Avenue of the Stars, Los Angeles
BMC Software, nCipher Headquarters Office
• Over 900 Enterprise Customers in every
industry, in all regions of the world
27. Privileged Accounts: What Are The Risks?
• Do you know where all of your • Who is sharing credentials?
privileged accounts are? Are they accountable?
• Do the wrong people have • Will you pass your next IT
access to sensitive data? audit?
• Are privileged accounts being • Will your passwords fail to
used for tasks that don’t withstand dictionary and social
require them? attacks?
28. Privileged Accounts: Mitigating The Risks
• Identify and document critical IT assets, their privileged accounts and
interdependencies.
• Delegate so that only appropriate personnel can access privileged
accounts in a timely manner, using the least privilege required, with
documented purpose, during designated times.
• Enforce rules for password strength, uniqueness and change
frequency, synchronizing changes across dependencies.
• Audit and Alert so that the requesters, purpose and requested
duration are documented and management is made aware of unusual
access and other events.
30. Datacenter Deployment
New servers and applications
have been deployed in the
datacenter.
The team must confirm that all
privileged accounts on these
systems are secured as
required by compliance
standards.
31. Datacenter Deployment
You launch Enterprise
Random Password
Manager…
…and verify in the Windows Systems
View that ERPM has already
discovered these systems.
32. Datacenter Deployment
You switch to the Account Store Discovered accounts include
View, expand a node for one of the Windows Administrator
new servers, and view all of the accounts and privileged
privileged accounts detected on the accounts used by services and
system. applications.
34. Datacenter Deployment
The Properties window confirms that Enterprise
Random Password Manager has already deployed
new password credentials.
35. Datacenter Deployment
Now authorized personnel can get privileged
access to these servers by clicking Favorite
Tasks in the SCOM / SCCM Computers node.
36. Datacenter Deployment
Privileged access is granted through permissions already configured in
the company’s Role-Based Access Control system…
… and when an IT staff member clicks Recover….
37. Datacenter Deployment
… he is prompted to type the reason for the
password recovery request so there’s an audit trail.
38. Datacenter Deployment
A password is then provided through the
SCOM /SCCM interface for one-time use.
Immediately after use, the password will be changed
according to the company’s configured policy.
39. Results
• You now have an authoritative list of privileged
accounts on the new servers.
• The account credentials are secured and will be
changed according to a schedule policy.
• Authorized IT staff can quickly access these
systems without taking authorizers’ time.
• All requests for privileged access are audited.
• Your team meets its mandate to secure the
newly-deployed hardware.
41. Preparing for an IT Audit
IT staff have limited time
to prepare for a critical
Audit.
The requirements list
is long…
42. Preparing for an IT Audit
IT staff must show that:*
1. Administrator passwords are changed every 90 days.
2. There are no group, shared, or generic privileged accounts or passwords.
3. Access rights are restricted to least privileges required.
4. Inactive privileged accounts are removed or disabled every 90 days.
5. Privileged access is immediately revoked for all terminated users.
6. All system components are covered by password security policies.
7. Vendors’ remote maintenance accounts are
enabled only during time periods needed.
8. All vendor-supplied passwords are
changed before systems are deployed.
9. Automated audit trails are implemented for
all system components.
*Typical PCI DSS requirements
43. Preparing for an IT Audit
You launch Enterprise
Random Password
Manager…
First, let’s prove that all
privileged account passwords
are changed at least every 90
days.
44. Preparing for an IT Audit
… and open the
Windows
Accounts View to
see a list of Views can also be sorted by
privileged system name, account
passwords, name, and so on.
sorted by age.
You then click
Compliance...
45. Preparing for an IT Audit
… to create an HTML-
formatted report that shows
the last password change
date for all systems on your
network.
You’ve documented that
ERPM is changing all
privileged passwords
according to regulatory
requirements.
46. Preparing for an IT Audit
Next, let’s prove that there are
no group, shared, or generic
privileged accounts or
passwords on your production
network…
… that no systems fail to
comply with regulatory
requirements for privileged
passwords…
… and that any vendor-
supplied passwords on newly-
deployed systems or
applications have been
discovered and changed.
47. Preparing for an IT Audit
With a few more clicks, you create a new report
showing a total of 19 systems on your network
that don’t have unique, complex, and
frequently changed privileged credentials
enforced by ERPM.
Fortunately these
are all lab
systems, not on
the production
domain, that
don’t need to
comply.
48. Preparing for an IT Audit
Next, let’s document that IT
personnel are accessing
privileged accounts on a need
to know basis.
This is a common
requirement of many
regulatory standards.
49. Preparing for an IT Audit
Start by choosing whether to
create a report by
account, system, or user...
50. Preparing for an IT Audit
This report shows the
history, by user, of every
password check-out
request.
It shows the
day, time, system, account, and
stated purpose to verify the
need for each access.
51. Preparing for an IT Audit
ERPM also manages and
reports user access by
Remote Desktop
Connection.
This feature is commonly
used to grant
temporary, audited access
to vendors and contractors.
52. Results
• The organization demonstrates that it has
auditing controls in place to manage
privileged access.
• Preparations for IT audits are completed far
more efficiently.
• Audit results are far more predictable.
53. ERPM for Systems Center Ops Manager
Internal & External Credential Use Management
• Inventories all SCOM credential usage
• Continuously updates/randomizes credentials on all
external systems, devices and applications so there is
no common credential for access to all systems
• Propagates new passwords back to SCOM “Run As”
accounts, agents, services, etc.
• SCOM “Run As” accounts maintain access to cross-
platform and un-trusted systems
• Access credentials in SCOM and components are
updated in compliance with IT regulatory mandates
• No more manual updating of systems, agents and
services
54. ERPM for System Center Config Manager
Fire Call Password Retrieval in SCOM/SCCM
• An Agent-less process deploys
unique, frequently changing administrator / root
account passwords to all machines
(Windows, Linux, UNIX, appliances, etc.)
• No one knows current administrator / root
passwords until they’re retrieved through
audited check-out
• Role-based approvals expedite the password
retrieval process
• Retrieved passwords are time-limited
• Activity and operations reports are accessible
through a web-based console
56. Lumension‟s History
Established: Sept „07
Founded in 1991 Acquired: Feb „07 Acquired: July „07 Acquired: April „09
Market-leading Enterprise-class Market-leading Compliance and Risk
patch management vulnerability device and Management.
management application control
First cross-platform Delivering predefined
and application First credentialed First to introduce compliance and
patch management based vulnerability whitelisting / control frameworks
solution scanner patented file
“shadowing”
technology
57. Worldwide Presence & Recognition
Offices Worldwide Strong Partner Base (400+ Worldwide)
More than 5,100 customers in 68 countries Award-Winning
58. Strong Microsoft Partner
Lumension is a Long-term Microsoft Gold Partner
• Both PatchLink and SecureWave held Gold Partner status
• Lumenion has continued Gold Partner status
• Competencies:
• Advanced Infrastructure Solutions
• Data Management Solutions
• ISV/Software Solutions
System Center Alliance Member
• Announcement forth coming
US ISV Managed Partner Program
Product line built on Microsoft Technologies:
• Primary development environment - TFS
• Products developed/delivered on Microsoft Technology:
• Microsoft .NET
• Microsoft Server
• Microsoft SQL Server
59. Lumension Solution Portfolio
Lumension®
Solutions
Lumension® Lumension® Lumension® Lumension®
Vulnerability Endpoint Data Protection Compliance and
Management™ Protection Risk Management
Lumension® Patch and Lumension® Application Lumension® Device
Remediation Control Control Lumension® Risk Manager
(PatchLink Update) (Sanctuary Application Control) (Sanctuary Device Control)
Lumension® Scan
Products
(STAT Scan) PGP®
Lumension® Enterprise
Whole Disk Encryption
Lumension® Security Reporting
(Resell) (PatchLink ERS)
Configuration
Management
(PatchLink SCM)
Lumension® Device
Lumension® Content Control for System
Wizard Center
(PatchLink PDK)
60
60. Lumension Solution Portfolio
Lumension®
Solutions
Lumension® Lumension® Lumension® Lumension®
Vulnerability Endpoint Data Protection Compliance and
Management™ Protection Risk Management
Lumension® Patch and Lumension® Application Lumension® Device
Remediation Control Control Lumension® Risk Manager
(PatchLink Update) (Sanctuary Application Control) (Sanctuary Device Control)
Lumension® Scan
Products
(STAT Scan) PGP®
Lumension® Enterprise
Whole Disk Encryption
Lumension® Security Reporting
(Resell) (PatchLink ERS)
Configuration
Management
(PatchLink SCM)
Lumension® Device
Lumension® Content Control for System
Wizard Center
(PatchLink PDK)
61
61. The Borderless Enterprise
Data has moved beyond the
enterprise firewall:
Laptops / Home Offices
USB Sticks / WiFi / VPN
and more…
63. Increasing Internal Risk
Insiders have direct access to
70% of all serious incidents
your most sensitive data are sparked by insiders.
IDC Worldwide Security Products and Services
2007 Top 10 Predictions
Lost Laptops Disgruntled P2P File Sharing
& Devices Employees Software
48% of users utilize company tools for personal usage.
64. Business Challenges
Minimizing Data Leakage Risk: Data Leakage
via internal and/or external sources, be it
accidental or intentional, is the biggest
gap.
The Cost of Compliance: Bewildering array of
National, State and Industry laws and
regulations with costly Data Protection
implications.
Enabling Productivity: Data sharing via
removable devices enables cost-cutting
measures but is a risk that can’t be ignored.
65. Lumension Data Protection
Policy-Based, Encryption-Enabled Data Protection.
• Protect Data from Leakage and Theft: Enforce
usage policies for all removable devices and
media.
Lumension
Data Protection
• Increase Data Security: Define forced
encryption policy for data flows onto removable
Lumension Device Control (LDC)
devices / media. Flexible exception management.
• Improve Compliance: Policy-enforced
encryption on removable devices to ensure that Lumension Device Control
data cannot be accessed if removable devices or for Microsoft System Center
(DCSC)
media are lost or stolen.
• Continuous Audit Readiness: Monitor all device
usage and data transfers. Track all transferred
files and content. Report on all data policy
compliance and violations.
66. Lumension Data Protection: Key Features
Automates discovery of peripheral devices
Always-on policy, centrally managed, kernel based driver
Provides granular device control permission settings
• By user, group, computer
Flexible and powerful encryption options
White-list allowable devices
• By make, Serial Number, etc
• Control Thumb Drives, iPods, Blackberrys, CD/DVD,…
Delivers detailed audit capabilities
• Patented bi-directional “Shadowing” of data written to/from a device
• All device access attempts
• All administrator actions
• Exact contents of file(s) copied/compromised.*
Multiple hardware partnerships
67. Why Customers Choose Lumension
Tried and Proven: Over 1500 customers and 2
million licenses of Device Control Software
Policy Enforcement: Highly granular policies
enforced via kernel-level driver, whether on
or off line
Encryption: Centrally encrypt removable
devices/media or force users to encrypt
devices/media to ensure that data cannot
be accessed if removable devices/media
are lost or stolen.
File Shadowing: Keep a copy of every file that
is transferred to or from removable devices
/ media using patented bi-directional
shadowing technology. *
Scalability: Scalable deployment to an entire
network with tamper-proof agents on
every endpoint.
* Future capability for Device Control for System Center
68. Device Control for System Center (DCSC)
Implementation of Lumension Device Control on Microsoft System Center Configuration
Manager (SCCM) platform
• No stand-alone LDC server/console required
Provides market-leading LDC technology for SCCM customers:
• Advanced management of all endpoint ports and removable devices/media
• Policy based data encryption enforcement on devices/media
• Endpoint protection from malware on devices/media
Leverages key System Center technologies
• SCCM Console (MMC, UI, workflow)
• SMS (agent/policy deployments)
• WMI (monitoring and report information)
First and only Device Control for SCCM
Currently at Release Candidate 1 (RC1)
• GA Announcement: TechEd Europe (09Nov2009)
69. DCSC Value to Microsoft System Center Customers
Leverages SCCM Extends SCCM
Eliminates costs of stand- Enforce data/port policies
alone DC point solution for removable devices
Accelerates deployment of Enforce data encryption
DC security/audit benefits policies on range of devices
Aligns with existing SCCM Prevents malware intrusion
environment via removable media
• Decreased IT complexity
• Security-Optimized Infrastructure
• Increased ROI for System Center
70
71. Microsoft, Lieberman, & Lumension
Compliance and Data Protection
Privileged Identity Mgmt Data Leakage Prevention
• Shared password account mgmt • Granular device/port control
• Protects policy mgmt privileges policies prevent data leakage
Enterprise Random Device Control for
Password Manager System Center
72. Overcome Infrastructure Security Challenges
Mitigate security risks Create automated, audited
from hackers or processes to increase IT
unauthorized intruders staff productivity
Ensure compliance Protect against data Leverage existing IT
with privacy mandates loss, theft or infrastructure with
like PCI DSS corruption superior integration
…while continuing to provide high quality, uninterrupted service.
73. Next Steps
• Discussion – to better understand your needs
• Discovery – to better understand your infrastructure
• Demonstration – to show you Microsoft System Center, Enterprise
Random Password Manager ™ and Lumension Device Control for
System Center™
• Evaluation – to install and evaluate the software at your site
• Proof Of Concept – to test the products in-house
• Contact us!